Displaying 12 results from an estimated 12 matches for "pskfile".
2019 May 25
1
Re: [PATCH libnbd] states: connect_command: Don't set O_NONBLOCK on socket passed to child.
...f SOCK_CLOEXEC here made me look for other fds that we
might inadvertently destroy or leak in a multi-threaded process that
does fork/exec (or even if the program linking against libnbd does
connect_command() in two separate threads on two different nbd objects).
I found:
lib/crypto.c: fp = fopen (pskfile, "r");
We need to use either fopen(pskfile, "re") (if libc is new-enough to
support "e" for O_CLOEXEC) or raw open(O_CLOEXEC) + fdopen() instead.
--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3226
Virtualization: qemu.org | libvirt.o...
2019 May 25
2
[PATCH libnbd] states: connect_command: Don't set O_NONBLOCK on socket passed to child.
I also made the code a bit more robust about closing the socket along
error paths.
---
generator/states-connect.c | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/generator/states-connect.c b/generator/states-connect.c
index ba8b240..a69b70f 100644
--- a/generator/states-connect.c
+++ b/generator/states-connect.c
@@ -27,6 +27,7 @@
#include
2018 Jun 25
2
[PATCH nbdkit] tls: Implement Pre-Shared Keys (PSK) authentication.
This is ready for review but needs a bit more real-world testing
before I'd be happy about it going upstream. It also needs tests.
It does interoperate with qemu, at least in my limited tests.
Rich.
2018 Jun 25
0
[PATCH nbdkit] tls: Implement Pre-Shared Keys (PSK) authentication.
...kit - A toolkit for creating NBD servers
[--newstyle] [--oldstyle] [-P PIDFILE] [-p PORT] [-r]
[--run CMD] [-s] [--selinux-label LABEL] [-t THREADS]
[--tls=off|on|require] [--tls-certificates /path/to/certificates]
- [--tls-verify-peer]
+ [--tls-psk /path/to/pskfile] [--tls-verify-peer]
[-U SOCKET] [-u USER] [-v] [-V]
PLUGIN [key=value [key=value [...]]]
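Review bot: In the synopsis line that now reads "[--tls-psk /path/to/pskfile] [--tls-verify-peer]", the new option sits next to --tls-certificates and --tls-verify-peer with nothing to say how the three combine. The option's description should state which mode is used when both --tls-psk and --tls-certificates are given, and whether --tls-verify-peer has any effect when a PSK file is in use.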
@@ -288,6 +288,12 @@ support). See L</TLS> below.
Set the path to the TLS certificates directory. If not specified,
some built-in paths are checked. See L</TLS> below for m...
2018 Jun 25
1
[PATCH v2 nbdkit] tls: Implement Pre-Shared Keys (PSK)
v2:
* Improved documentation.
* Added a test (interop with qemu client).
2019 Oct 20
0
[PATCH libnbd] api: Allow NBD URIs to be restricted.
...in NBD URIs is allowed.";
+ see_also = ["L<nbd_connect_uri(3)>"];
+ };
+
"connect_uri", {
default_call with
args = [ String "uri" ]; ret = RErr;
@@ -1539,7 +1616,50 @@ be present for the other transports.
=item B<tls-psk-file=>F<PSKFILE>
-Set the PSK file. See L<nbd_set_tls_psk_file(3)>.
+Set the PSK file. See L<nbd_set_tls_psk_file(3)>. Note
+this is not allowed by default - see next section.
+
+=back
+
+=head2 Disable URI features
+
+For security reasons you might want to disable certain URI
+features. Pre-f...
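Review bot: In the tls-psk-file item, "see next section" is a positional cross-reference that goes stale if the sections are reordered; link the target by name instead, for example "see L</Disable URI features> below", matching the =head2 title added in this hunk. The added sentence should also say what "not allowed by default" means for the caller, that is, whether a URI carrying tls-psk-file is rejected with an error or the parameter is silently ignored.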
2019 Oct 18
0
[PATCH nbdkit] Add support for AF_VSOCK.
....
+
=back
=head1 PLUGIN NAME
diff --git a/docs/synopsis.txt b/docs/synopsis.txt
index 5fc57fd..a6b6028 100644
--- a/docs/synopsis.txt
+++ b/docs/synopsis.txt
@@ -12,7 +12,7 @@ nbdkit [-D|--debug PLUGIN|FILTER.FLAG=N]
[--tls-certificates /path/to/certificates]
[--tls-psk /path/to/pskfile] [--tls-verify-peer]
[-U|--unix SOCKET] [-u|--user USER]
- [-v|--verbose] [-V|--version]
+ [-v|--verbose] [-V|--version] [--vsock]
PLUGIN [[KEY=]VALUE [KEY=VALUE [...]]]
nbdkit --dump-config
diff --git a/server/internal.h b/server/internal.h
index 167da59..5e11e1a 100...
2019 Oct 20
2
[PATCH libnbd] api: Allow NBD URIs to be restricted.
Previous discussion:
https://www.redhat.com/archives/libguestfs/2019-August/msg00102.html
Last night I experimentally added support for URIs that contain the
query parameter tls-psk-file, as part of rewriting the tests to cover
more of the URI code. So you can now have a URI like:
nbds://alice@localhost/?tls-psk-file=keys.psk
However there's an obvious security problem here because now
2019 Oct 18
1
[PATCH nbdkit v2] Add support for AF_VSOCK.
v1 was discussed here:
https://www.redhat.com/archives/libguestfs/2019-October/thread.html#00100
v2:
- Bind to VMADDR_CID_ANY (instead of HOST) and update the
documentation accordingly.
- Don't bother with SOCK_CLOEXEC fallback path that can
never be used.
Rich.
2018 Jun 28
3
Re: [PATCH nbdkit] tls: Implement Pre-Shared Keys (PSK) authentication.
...t; " [--run CMD] [-s] [--selinux-label LABEL] [-t THREADS]\n"
> " [--tls=off|on|require] [--tls-certificates /path/to/certificates]\n"
> - " [--tls-verify-peer]\n"
> + " [--tls-psk /path/to/pskfile] [--tls-verify-peer]\n"
> " [-U SOCKET] [-u USER] [-v] [-V]\n"
> " PLUGIN [key=value [key=value [...]]]\n"
> "\n"
> @@ -314,6 +316,10 @@ main (int argc, char *argv[])
> tls_certificates_dir =...
2019 Oct 18
2
[PATCH nbdkit] Add support for AF_VSOCK.
This is a series of patches to libnbd and nbdkit adding AF_VSOCK
support.
On the host side it allows you to start an nbdkit instance which
listens on a virtio-vsock socket:
$ ./nbdkit -fv --vsock memory 1G
...
nbdkit: debug: bound to vsock 2:10809
On the guest side you can then use libnbd to connect to the server:
$ ./run nbdsh -c 'h.connect_vsock(2, 10809)' -c
2019 May 23
2
[PATCH libnbd] api: Get rid of nbd_connection.
This isn't quite finished because not all of the tests or examples
have been updated, but it demonstrates an idea: Should we forget about
the concept of having multiple connections managed under a single
handle?
In this patch there is a single ‘struct nbd_handle *’ which manages a
single state machine and connection (and therefore no nbd_connection).
To connect to a multi-conn server you must